For businesses large and small, relying on a cloud-based collaboration and productivity suite such as Microsoft Office 365 is becoming the norm. Enhancing productivity in your organisation is vital to get ahead in 2017 - and using Office 365 can help, if it's used right...

Skype flaw allows for collection of user IP addresses

Company working to patch security flaw

Skype is warning users that some personal details may be at risk following the launch of a site devoted to harvesting user IP addresses.

The Skype IP-Finder site allowed third-parties to see a user's last known IP address by simply typing in a user name.

"We are investigating reports of a new tool that captures a Skype user's last known IP address," Skype director of product Security Adrian Asher said in a statement released to V3.

"This is an ongoing, industry-wide issue faced by all peer-to-peer software companies."

The search tool, which has since been taken offline, exploits a recently discovered vulnerability in Skype.

The original vulnerability was detailed by an unidentified user on the note-sharing site Pastebin.

Instructions on the site explained how a user could download a patched version of Skype that would "help you to get info about Skype user: City, Country, Internet provider and internal user IP-address."

While the original vulnerability was quickly fixed by de-authorising any Skype user who used the modified patch, the search portal allowed for users to find out private IP information without the need for the modified patch.

The result was a system in which anyone can collect personal Skype data with just a user name.

The disclosure comes as Skype looks to move forward from its $8bn acquisition by Microsoft. Since the deal closed, the company has seen its VoIP platform become a key component in Microsoft's enterprise communications plans.